An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
The hacker-for-hire group DeathStalker, known for conducting espionage campaigns against small and medium-sized businesses, has started using a new malware strain called PowerPepper, according to a report from the security firm Kaspersky.
Interpol, Nigerian law enforcement agencies and security firm Group-IB have collectively uncovered a massive Nigerian business email compromise gang that was active across more than 150 countries. Three suspected members have been arrested in Nigeria.
There is a reason more than half of today's ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization's potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
Email and collaboration platforms are the connective tissue
of most businesses and organizations, where information
is shared, plans are hatched, and alliances formed. Yet as a
human-driven medium, email often represents the 'weakest
link' in an organization's security strategy. Indeed, 94% of
cyber-threats...
Email and collaboration platforms are the connective tissue
of most businesses and organizations, where information
is shared, plans are hatched, and alliances formed. Yet as a
human-driven medium, email often represents the 'weakest
link' in an organization's security strategy. Indeed, 94% of
cyber-threats...
The 'work from anywhere' experience has fundamentally changed how we work - and how cyber adversaries leverage email as an attack vector. To adapt to this environment, organizations must deploy a holistic approach that focuses on email defense, awareness and response.
Download this eBook and learn about:
How the...
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
In the face of growing cybersecurity threats, it is increasingly important to measure the cost and concentration of "exposure." Having an accurate view of the resilience of organizations and industries against cyber-attacks can help target efforts to reduce exposure to the sectors that need it most and enhance...
Do you have a good sense of how well users understand cybersecurity terms and best practices? Do you know the top issues infosec teams are dealing with as a result of phishing attacks? How about the ways organizations are fighting social engineering attacks?
ProofPoint's sixth annual State of the Phish report gives...
The SANS Institute, which is known for its cybersecurity training courses, is now planning to turn its own data breach into a teachable moment for its membership.
The 2019 SANS OT/ICS Security Survey reveals a growing maturity in identifying potential risk and detecting and remediating actual events. People are considered the leading risk for compromise, signaling the need for a blended approach to addressing OT/ICS cybersecurity, one not
solely reliant on technology. The top...
The day after President Trump issued executive orders to ban Chinese-owned social media apps TikTok and WeChat, Sanjay Virmani of the FBI's San Francisco office shared insights on the Chinese cyberthreat, election security and crime trends in the wake of COVID-19.
A U.S. federal court has issued an injunction that gives Microsoft permission to seize control of several malicious domains being used to operate a COVID-19-themed phishing scam, according to recently unsealed court documents.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
